基础信息
项目名称:confluentinc/ksql
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1721103152538714112/1727703929607118848
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| lodash | 原型污染 | MPS-2020-15679 | CVE-2020-8203 | 高危 |
| dot-prop 原型污染漏洞 | 原型污染 | MPS-2020-1734 | CVE-2020-8116 | 高危 |
| Ini | 拒绝服务 | MPS-2020-17544 | CVE-2020-7788 | 高危 |
| yargs-parser 原型污染漏洞 | 特权定义了不安全动作 | MPS-2020-4006 | CVE-2020-7608 | 中危 |
| stevemao trim-off-newlines 处理逻辑错误漏洞 | 拒绝服务 | MPS-2021-17627 | CVE-2021-23425 | 中危 |
| lodash 拒绝服务漏洞 | 拒绝服务 | MPS-2021-2574 | CVE-2020-28500 | 中危 |
| lodash 命令注入漏洞 | 代码注入 | MPS-2021-2638 | CVE-2021-23337 | 高危 |
| Netty Bzip2Decoder 存在资源穷尽漏洞 | 拒绝服务 | MPS-2021-28116 | CVE-2021-37136 | 高危 |
| Netty 存在资源穷尽漏洞 | 拒绝服务 | MPS-2021-28117 | CVE-2021-37137 | 高危 |
| Ruy Adorno hosted-git-info 正则表达式拒绝服务漏洞 | 拒绝服务 | MPS-2021-3400 | CVE-2021-23362 | 中危 |
| npm path-parse 安全漏洞 | 拒绝服务 | MPS-2021-6165 | CVE-2021-23343 | 高危 |
| trim-newlines 存在拒绝服务漏洞 | 拒绝服务 | MPS-2021-7398 | CVE-2021-33623 | 高危 |
| io.netty:netty-handler 存在证书验证不恰当漏洞 | 证书验证不恰当 | MPS-2022-12067 | 中危 | |
| conventional-commits-parser | ReDoS | MPS-2022-13608 | 中危 | |
| lodash | 拒绝服务 | MPS-2022-13841 | 高危 | |
| lodash | 拒绝服务 | MPS-2022-13842 | 高危 | |
| mkdocs 存在跨站脚本漏洞 | XSS | MPS-2022-14989 | 中危 | |
| Netty 存在信息泄露漏洞 | 将资源暴露给错误范围 | MPS-2022-3790 | CVE-2022-24823 | 中危 |
| node-semver 安全漏洞 | ReDoS | MPS-2022-5166 | CVE-2022-25883 | 高危 |
| minimatch 资源管理错误漏洞 | 拒绝服务 | MPS-2022-59845 | CVE-2022-3517 | 高危 |
| MkDocs 存储型XSS漏洞 | XSS | MPS-2022-6935 | 中危 | |
| snappy-java 输入验证错误漏洞 | 整数溢出或环绕 | MPS-8znw-4jmi | CVE-2023-34453 | 高危 |
| Netty 资源管理错误漏洞 | 不加限制或调节的资源分配 | MPS-9u07-bna1 | CVE-2023-34462 | 中危 |
| snappy-java 的 compress 方法整数溢出漏洞导致拒绝服务 | 整数溢出或环绕 | MPS-angp-mxl2 | CVE-2023-34454 | 中危 |
| Hot Rod 安全漏洞 | 证书验证不恰当 | MPS-b7oj-adm3 | CVE-2023-4586 | 高危 |
| ZooKeeper SASL 身份验证绕过漏洞 | 通过用户控制密钥绕过授权机制 | MPS-bznr-672x | CVE-2023-44981 | 高危 |
| Snappy 安全漏洞 | 不加限制或调节的资源分配 | MPS-s7wb-p03z | CVE-2023-43642 | 高危 |
| Snappy 输入验证错误漏洞 | 不加限制或调节的资源分配 | MPS-tnp7-60hk | CVE-2023-34455 | 高危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| io.netty:netty-handler | 4.1.63.Final | 间接依赖 | 建议修复 | |
| path-parse | 1.0.6 | 1.0.7 | 间接依赖 | 建议修复 |
| ini | 1.3.5 | 1.3.6 | 间接依赖 | 建议修复 |
| io.netty:netty-codec | 4.1.63.Final | 4.1.68.Final | 间接依赖 | 建议修复 |
| trim-newlines | 2.0.0 | 3.0.1 | 间接依赖 | 建议修复 |
| dot-prop | 3.0.0 | 4.2.1 | 间接依赖 | 建议修复 |
| org.xerial.snappy:snappy-java | 1.1.7 | 1.1.10.4 | 间接依赖 | 建议修复 |
| lodash | 4.17.14 | 4.17.21 | 间接依赖 | 建议修复 |
| org.apache.zookeeper:zookeeper | 3.6.3 | 3.7.2 | 间接依赖 | 建议修复 |
| minimatch | 3.0.4 | 3.0.5 | 间接依赖 | 建议修复 |
| org.xerial.snappy:snappy-java | 1.1.7.2 | 1.1.10.4 | 间接依赖 | 建议修复 |
| conventional-commits-parser | 2.1.7 | 3.2.3 | 间接依赖 | 可选修复 |
| hosted-git-info | 2.7.1 | 2.8.9 | 间接依赖 | 可选修复 |
| yargs-parser | 10.1.0 | 13.1.2 | 间接依赖 | 可选修复 |
| semver | 6.1.1 | 7.5.2 | 间接依赖 | 可选修复 |
| trim-off-newlines | 1.0.1 | 1.0.3 | 间接依赖 | 可选修复 |
| lodash.template | 4.5.0 | 间接依赖 | 可选修复 | |
| io.netty:netty-handler | 4.1.100.Final | 间接依赖 | 可选修复 | |
| io.netty:netty-common | 4.1.63.Final | 4.1.77.Final | 间接依赖 | 可选修复 |
| mkdocs | 1.2.3 | 1.3.0 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 137 | 低 |
| Apache-2.0 | 98 | 低 |
| BSD-2-Clause | 4 | 低 |
| EPL-2.0 | 10 | 低 |
| 自定义许可证 | 14 | 低 |
| EPL-1.0 | 8 | 低 |
| ISC | 18 | 低 |
| BSD-3-Clause | 4 | 低 |
| CC-BY-3.0 | 1 | 低 |
| LGPL-2.1 | 1 | 中 |
| CC0-1.0 | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| is-plain-obj | 1.1.0 | 间接依赖 | npm |
| isarray | 1.0.0 | 间接依赖 | npm |
| org.apache.kafka:kafka-log4j-appender | 直接依赖 | maven | |
| com.github.luben:zstd-jni | 1.3.8-1 | 间接依赖 | maven |
| io.confluent:kafka-json-schema-provider | 7.6.0-261 | 直接依赖 | maven |
| caller-callsite | 2.0.0 | 间接依赖 | npm |
| trim-newlines | 2.0.0 | 间接依赖 | npm |
| org.eclipse.jetty:jetty-io | 9.4.53.v20231009 | 间接依赖 | maven |
| io.netty:netty-common | 4.1.63.Final | 间接依赖 | maven |
| io.confluent:broker-plugins | 直接依赖 | maven | |
| com.approvaltests:approvaltests-util | 9.5.0 | 间接依赖 | maven |
| com.github.rvesse:airline-io | 2.6.0 | 间接依赖 | maven |
| mkdirp | 0.5.6 | 间接依赖 | npm |
| com.fasterxml.jackson.datatype:jackson-datatype-jdk8 | 直接依赖 | maven | |
| io.confluent.ksql:ksqldb-execution | 7.7.0-0 | 直接依赖 | maven |
| org.apache.commons:commons-text | 1.10.0 | 直接依赖 | maven |
| javax.servlet:javax.servlet-api | 3.1.0 | 间接依赖 | maven |
| com.google.code.findbugs:jsr305 | 3.0.2 | 直接依赖 | maven |
| org.apache.commons:commons-math3 | 3.2 | 间接依赖 | maven |
| mdx_truly_sane_lists | 1.2 | 间接依赖 | pip |
| path-type | 3.0.0 | 间接依赖 | npm |
| commons-io:commons-io | 2.7 | 直接依赖 | maven |
| io.confluent.ksql:ksqldb-engine-common | 7.7.0-0 | 直接依赖 | maven |
| org.apache.commons:commons-collections4 | 4.2 | 间接依赖 | maven |
| io.confluent.ksql:ksql-common | 5.4.0-SNAPSHOT | 直接依赖 | maven |
| org.apache.zookeeper:zookeeper-jute | 3.6.3 | 间接依赖 | maven |
| path-exists | 3.0.0 | 间接依赖 | npm |
| org.apache.kafka:kafka-server-common | 直接依赖 | maven | |
| @commitlint/cli | 8.1.0 | 直接依赖 | npm |
| get-stream | 4.1.0 | 间接依赖 | npm |
| org.apiguardian:apiguardian-api | 1.1.0 | 间接依赖 | maven |
| please-upgrade-node | 3.1.1 | 间接依赖 | npm |
| io.airlift:slice | 0.29 | 直接依赖 | maven |
| spdx-correct | 3.1.0 | 间接依赖 | npm |
| org.apache.zookeeper:zookeeper | 3.6.3 | 间接依赖 | maven |
| babel-polyfill | 6.26.0 | 间接依赖 | npm |
| io.netty:netty-transport-native-epoll | 4.1.63.Final | 间接依赖 | maven |
| indent-string | 3.2.0 | 间接依赖 | npm |
| jsonparse | 1.3.1 | 间接依赖 | npm |
| org.apache.httpcomponents.core5:httpcore5 | 5.0.2 | 间接依赖 | maven |
| org.junit.jupiter:junit-jupiter-api | 5.6.2 | 间接依赖 | maven |
| @commitlint/load | 8.1.0 | 间接依赖 | npm |
| junit:junit | 直接依赖 | maven | |
| io.confluent.ksql:ksqldb-rest-client | 7.7.0-0 | 直接依赖 | maven |
| org.eclipse.jetty:jetty-server | 9.4.53.v20231009 | 间接依赖 | maven |
| io.vertx:vertx-bridge-common | 4.4.6 | 间接依赖 | maven |
| ansi-styles | 3.2.1 | 间接依赖 | npm |
| commons-codec:commons-codec | 1.13 | 间接依赖 | maven |
| dargs | 4.1.0 | 间接依赖 | npm |
| strip-indent | 2.0.0 | 间接依赖 | npm |
| @types/normalize-package-data | 2.4.0 | 直接依赖 | npm |
| org.openjdk.jol:jol-core | 0.2 | 间接依赖 | maven |
| org.apache.commons:commons-lang3 | 3.7 | 间接依赖 | maven |
| io.confluent:kafka-connect-json-schema-converter | 7.6.0-261 | 直接依赖 | maven |
| org.mockito:mockito-core | 直接依赖 | maven | |
| pump | 3.0.0 | 间接依赖 | npm |
| arrify | 1.0.1 | 间接依赖 | npm |
| babel-runtime | 6.26.0 | 间接依赖 | npm |
| text-extensions | 1.9.0 | 间接依赖 | npm |
| minimatch | 3.0.4 | 间接依赖 | npm |
| Pygments | 2.15 | 间接依赖 | pip |
| through2 | 2.0.5 | 间接依赖 | npm |
| mkdocs | 1.2.3 | 间接依赖 | pip |
| @commitlint/is-ignored | 8.1.0 | 间接依赖 | npm |
| readable-stream | 2.3.6 | 间接依赖 | npm |
| dk.brics.automaton:automaton | 1.11-8 | 间接依赖 | maven |
| org.apache.commons:commons-lang3 | 3.5 | 直接依赖 | maven |
| com.github.rvesse:airline | 2.6.0 | 直接依赖 | maven |
| io.netty:netty-codec-haproxy | 4.1.100.Final | 直接依赖 | maven |
| org.apache.directory.api:api-ldap-model | 2.1.4 | 间接依赖 | maven |
| pify | 3.0.0 | 间接依赖 | npm |
| org.eclipse.jetty:jetty-jaas | 9.4.53.v20231009 | 直接依赖 | maven |
| minimist-options | 3.0.2 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-cli | 7.7.0-0 | 直接依赖 | maven |
| wrappy | 1.0.2 | 间接依赖 | npm |
| org.apache.kafka:connect-api | 2.2.0 | 直接依赖 | maven |
| quick-lru | 1.1.0 | 间接依赖 | npm |
| load-json-file | 4.0.0 | 间接依赖 | npm |
| org.apache.httpcomponents.client5:httpclient5 | 5.0.3 | 直接依赖 | maven |
| io.confluent:kafka-connect-protobuf-converter | 7.6.0-261 | 直接依赖 | maven |
| org.apache.servicemix.bundles:org.apache.servicemix.bundles.antlr | 2.7.7_5 | 间接依赖 | maven |
| is-ci | 2.0.0 | 间接依赖 | npm |
| semver-compare | 1.0.0 | 间接依赖 | npm |
| io.confluent.ksql:ksql-udf | 5.4.0-SNAPSHOT | 直接依赖 | maven |
| husky | 2.5.0 | 直接依赖 | npm |
| @commitlint/read | 8.1.0 | 间接依赖 | npm |
| OrderedDict | 间接依赖 | pip | |
| color-convert | 1.9.3 | 间接依赖 | npm |
| mkdocs-redirects | 1.0.3 | 间接依赖 | pip |
| import-fresh | 3.1.0 | 间接依赖 | npm |
| shebang-regex | 1.0.0 | 间接依赖 | npm |
| com.google.guava:guava-testlib | 直接依赖 | maven | |
| has-flag | 3.0.0 | 间接依赖 | npm |
| io.netty:netty-codec-http2 | 4.1.100.Final | 间接依赖 | maven |
| mkdocs-material | 8.1.7 | 间接依赖 | pip |
| io.netty:netty-codec | 4.1.100.Final | 间接依赖 | maven |
| org.apache.directory.api:api-util | 2.1.4 | 间接依赖 | maven |
| org.apache.httpcomponents.core5:httpcore5-h2 | 5.0.2 | 间接依赖 | maven |
| @commitlint/lint | 8.1.0 | 间接依赖 | npm |
| com.google.protobuf:protobuf-java-util | 直接依赖 | maven | |
| org.apache.kafka:kafka-streams | 直接依赖 | maven | |
| org.codehaus.janino:janino | 3.0.7 | 直接依赖 | maven |
| parse-json | 4.0.0 | 间接依赖 | npm |
| is-directory | 0.3.1 | 间接依赖 | npm |
| com.fasterxml.jackson.datatype:jackson-datatype-jsr310 | 直接依赖 | maven | |
| map-obj | 2.0.0 | 间接依赖 | npm |
| strip-bom | 3.0.0 | 间接依赖 | npm |
| array-ify | 1.0.0 | 间接依赖 | npm |
| minimist | 1.2.8 | 间接依赖 | npm |
| io.github.classgraph:classgraph | 4.8.59 | 直接依赖 | maven |
| js-yaml | 3.13.1 | 间接依赖 | npm |
| resolve-global | 1.0.0 | 间接依赖 | npm |
| io.netty:netty-handler | 4.1.63.Final | 间接依赖 | maven |
| org.apache.mina:mina-core | 2.2.2 | 间接依赖 | maven |
| end-of-stream | 1.4.1 | 间接依赖 | npm |
| resolve-from | 5.0.0 | 间接依赖 | npm |
| get-stdin | 7.0.0 | 间接依赖 | npm |
| ini | 1.3.5 | 间接依赖 | npm |
| io.vertx:vertx-core | 4.4.6 | 直接依赖 | maven |
| io.confluent.ksql:ksqldb-tools | 7.7.0-0 | 直接依赖 | maven |
| mkdocs-material-extensions | 1.0.3 | 间接依赖 | pip |
| @commitlint/top-level | 8.1.0 | 间接依赖 | npm |
| org.apache.yetus:audience-annotations | 0.5.0 | 间接依赖 | maven |
| org.apache.httpcomponents.client5:httpclient5-fluent | 5.0.3 | 直接依赖 | maven |
| io.confluent.ksql:ksqldb-api-client | 7.7.0-0 | 直接依赖 | maven |
| hosted-git-info | 2.7.1 | 间接依赖 | npm |
| read-pkg-up | 3.0.0 | 间接依赖 | npm |
| io.dropwizard.metrics:metrics-core | 4.2.15 | 间接依赖 | maven |
| io.confluent:ce-sbk_${kafka.scala.version} | 直接依赖 | maven | |
| lodash.template | 4.5.0 | 间接依赖 | npm |
| lodash.templatesettings | 4.2.0 | 间接依赖 | npm |
| io.confluent:kafka-schema-registry-client | 7.6.0-261 | 直接依赖 | maven |
| com.sun.mail:javax.mail | 1.6.2 | 间接依赖 | maven |
| supports-color | 5.5.0 | 间接依赖 | npm |
| org.antlr:antlr4-runtime | 4.13.1 | 直接依赖 | maven |
| @commitlint/rules | 8.1.0 | 间接依赖 | npm |
| io.netty:netty-buffer | 4.1.63.Final | 间接依赖 | maven |
| inflight | 1.0.6 | 间接依赖 | npm |
| dot-prop | 3.0.0 | 间接依赖 | npm |
| io.confluent:kafka-avro-serializer | 7.6.0-261 | 直接依赖 | maven |
| pkg-dir | 4.2.0 | 间接依赖 | npm |
| io.netty:netty-handler | 4.1.100.Final | 间接依赖 | maven |
| through | 2.3.8 | 间接依赖 | npm |
| com.approvaltests:approvaltests | 9.5.0 | 直接依赖 | maven |
| io.vertx:vertx-web-common | 4.4.6 | 间接依赖 | maven |
| io.netty:netty-tcnative-classes | 2.0.61.Final | 间接依赖 | maven |
| read-pkg | 3.0.0 | 间接依赖 | npm |
| fs.realpath | 1.0.0 | 间接依赖 | npm |
| type-fest | 0.4.1 | 直接依赖 | npm |
| org.openjdk.jmh:jmh-generator-annprocess | 1.21 | 直接依赖 | maven |
| is-stream | 1.1.0 | 间接依赖 | npm |
| io.netty:netty-transport-native-unix-common | 4.1.63.Final | 间接依赖 | maven |
| it.unimi.dsi:fastutil | 7.0.6 | 间接依赖 | maven |
| nice-try | 1.0.5 | 间接依赖 | npm |
| is-arrayish | 0.2.1 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-rest-model | 7.7.0-0 | 直接依赖 | maven |
| @commitlint/resolve-extends | 8.1.0 | 间接依赖 | npm |
| lodash | 4.17.14 | 间接依赖 | npm |
| p-finally | 1.0.0 | 间接依赖 | npm |
| split2 | 2.2.0 | 间接依赖 | npm |
| com.github.mifmif:generex | 1.0.1 | 间接依赖 | maven |
| io.confluent:kafka-connect-avro-converter | 7.6.0-261 | 直接依赖 | maven |
| io.confluent.ksql:ksqldb-engine | 7.7.0-0 | 直接依赖 | maven |
| cosmiconfig | 5.2.1 | 间接依赖 | npm |
| org.codehaus.janino:commons-compiler | 3.0.7 | 间接依赖 | maven |
| org.apache.avro:avro | 直接依赖 | maven | |
| com.ibm.icu:icu4j | 67.1 | 直接依赖 | maven |
| io.netty:netty-codec-http | 4.1.100.Final | 间接依赖 | maven |
| git-raw-commits | 1.3.6 | 间接依赖 | npm |
| inherits | 2.0.4 | 间接依赖 | npm |
| spdx-exceptions | 2.2.0 | 间接依赖 | npm |
| camelcase | 4.1.0 | 间接依赖 | npm |
| number-is-nan | 1.0.1 | 间接依赖 | npm |
| core-js | 2.6.9 | 间接依赖 | npm |
| q | 1.5.1 | 间接依赖 | npm |
| locate-path | 2.0.0 | 间接依赖 | npm |
| process-nextick-args | 2.0.1 | 间接依赖 | npm |
| org.apache.directory.api:api-asn1-ber | 2.1.4 | 间接依赖 | maven |
| pymdown-extensions | 10.0 | 间接依赖 | pip |
| error-ex | 1.3.2 | 间接依赖 | npm |
| org.apache.directory.api:api-asn1-api | 2.1.4 | 间接依赖 | maven |
| org.apache.kafka:kafka-clients | 2.2.0 | 间接依赖 | maven |
| isexe | 2.0.0 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-udf | 5.5.0 | 直接依赖 | maven |
| testresources | 2.0.1 | 间接依赖 | pip |
| json-parse-better-errors | 1.0.2 | 间接依赖 | npm |
| chalk | 2.3.1 | 间接依赖 | npm |
| io.confluent:confluent-log4j-extensions | 直接依赖 | maven | |
| io.vertx:vertx-auth-common | 4.4.6 | 间接依赖 | maven |
| decamelize-keys | 1.1.0 | 间接依赖 | npm |
| yargs-parser | 10.1.0 | 间接依赖 | npm |
| io.confluent:kafka-json-serializer | 7.6.0-261 | 直接依赖 | maven |
| io.netty:netty-resolver | 4.1.63.Final | 间接依赖 | maven |
| io.confluent.ksql:ksqldb-common | 7.7.0-0 | 直接依赖 | maven |
| @commitlint/to-lines | 8.1.0 | 间接依赖 | npm |
| io.netty:netty-codec-socks | 4.1.100.Final | 间接依赖 | maven |
| io.confluent.ksql:ksqldb-serde | 7.7.0-0 | 直接依赖 | maven |
| io.confluent:common-logging | 直接依赖 | maven | |
| org.slf4j:slf4j-api | 1.7.21 | 间接依赖 | maven |
| org.apache.directory.api:api-i18n | 2.1.4 | 间接依赖 | maven |
| p-locate | 2.0.0 | 间接依赖 | npm |
| net.java.dev.jna:jna | 4.4.0 | 直接依赖 | maven |
| normalize-package-data | 2.5.0 | 间接依赖 | npm |
| python-dateutil | 2.8.2 | 间接依赖 | pip |
| decamelize | 1.2.0 | 间接依赖 | npm |
| org.apache.kafka:connect-api | 直接依赖 | maven | |
| com.github.rholder:guava-retrying | 2.0.0 | 直接依赖 | maven |
| @commitlint/format | 8.1.0 | 间接依赖 | npm |
| conventional-commits-parser | 2.1.7 | 间接依赖 | npm |
| com.clearspring.analytics:stream | 2.9.5 | 直接依赖 | maven |
| string_decoder | 1.1.1 | 间接依赖 | npm |
| JSONStream | 1.3.5 | 间接依赖 | npm |
| com.google.guava:guava | 直接依赖 | maven | |
| org.reactivestreams:reactive-streams | 1.0.3 | 直接依赖 | maven |
| regenerator-runtime | 0.11.1 | 间接依赖 | npm |
| io.confluent:kafka-protobuf-provider | 7.6.0-261 | 直接依赖 | maven |
| org.mockito:mockito-inline | 直接依赖 | maven | |
| spdx-license-ids | 3.0.4 | 间接依赖 | npm |
| org.junit.platform:junit-platform-commons | 1.6.2 | 间接依赖 | maven |
| javax.ws.rs:javax.ws.rs-api | 2.1.1 | 直接依赖 | maven |
| execa | 1.0.0 | 间接依赖 | npm |
| slash | 3.0.0 | 间接依赖 | npm |
| callsites | 3.1.0 | 间接依赖 | npm |
| org.eclipse.jetty:jetty-util | 9.4.53.v20231009 | 间接依赖 | maven |
| @commitlint/execute-rule | 8.1.0 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-udf | 7.7.0-0 | 直接依赖 | maven |
| resolve | 1.11.1 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-parser | 7.7.0-0 | 直接依赖 | maven |
| org.lz4:lz4-java | 1.5.0 | 间接依赖 | maven |
| find-up | 2.1.0 | 间接依赖 | npm |
| io.netty:netty-common | 4.1.100.Final | 间接依赖 | maven |
| org.apache.kafka:kafka-clients | 直接依赖 | maven | |
| core-util-is | 1.0.2 | 间接依赖 | npm |
| javax.activation:activation | 1.1 | 间接依赖 | maven |
| conventional-changelog-angular | 1.6.6 | 间接依赖 | npm |
| io.netty:netty-handler-proxy | 4.1.100.Final | 间接依赖 | maven |
| @marionebl/sander | 0.6.1 | 间接依赖 | npm |
| cross-spawn | 6.0.5 | 间接依赖 | npm |
| mdx_gh_links | 0.2 | 间接依赖 | pip |
| org.xerial.snappy:snappy-java | 1.1.7 | 间接依赖 | maven |
| org.apache.kafka:connect-runtime | 直接依赖 | maven | |
| io.confluent.ksql:ksqldb-examples | 7.7.0-0 | 直接依赖 | maven |
| org.slf4j:slf4j-api | 1.7.25 | 间接依赖 | maven |
| escape-string-regexp | 1.0.5 | 间接依赖 | npm |
| graceful-fs | 4.2.1 | 间接依赖 | npm |
| org.xerial.snappy:snappy-java | 1.1.7.2 | 间接依赖 | maven |
| once | 1.4.0 | 间接依赖 | npm |
| @commitlint/config-conventional | 8.0.0 | 直接依赖 | npm |
| esprima | 4.0.1 | 间接依赖 | npm |
| mkdocs-git-revision-date-plugin | 0.3.1 | 间接依赖 | pip |
| io.netty:netty-codec-dns | 4.1.100.Final | 间接依赖 | maven |
| @commitlint/message | 8.1.0 | 间接依赖 | npm |
| strip-eof | 1.0.0 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-rest-app | 7.7.0-0 | 直接依赖 | maven |
| org.apache.commons:commons-csv | 1.4 | 直接依赖 | maven |
| spdx-expression-parse | 3.0.0 | 间接依赖 | npm |
| io.confluent.avro:avro-random-generator | 0.2.2 | 直接依赖 | maven |
| npm-run-path | 2.0.2 | 间接依赖 | npm |
| semver | 6.1.1 | 间接依赖 | npm |
| @types/semver | 6.0.1 | 间接依赖 | npm |
| org.apache.kafka:kafka_${kafka.scala.version} | 直接依赖 | maven | |
| org.opentest4j:opentest4j | 1.2.0 | 间接依赖 | maven |
| com.google.protobuf:protobuf-java | 直接依赖 | maven | |
| io.netty:netty-buffer | 4.1.100.Final | 间接依赖 | maven |
| io.confluent.ksql:ksqldb-streams | 7.7.0-0 | 直接依赖 | maven |
| net.sf.jopt-simple:jopt-simple | 4.6 | 间接依赖 | maven |
| com.github.ben-manes.caffeine:caffeine | 2.9.3 | 间接依赖 | maven |
| argparse | 1.0.10 | 间接依赖 | npm |
| defaultdict | 间接依赖 | pip | |
| org.eclipse.jetty:jetty-security | 9.4.53.v20231009 | 间接依赖 | maven |
| parent-module | 1.0.1 | 间接依赖 | npm |
| signal-exit | 3.0.2 | 间接依赖 | npm |
| io.vertx:vertx-web | 4.4.6 | 直接依赖 | maven |
| global-dirs | 0.1.1 | 间接依赖 | npm |
| is-text-path | 1.0.1 | 间接依赖 | npm |
| io.vertx:vertx-web-client | 4.4.6 | 直接依赖 | maven |
| glob | 7.1.4 | 间接依赖 | npm |
| ci-info | 2.0.0 | 间接依赖 | npm |
| io.netty:netty-codec | 4.1.63.Final | 间接依赖 | maven |
| Markdown | 3.3.6 | 间接依赖 | pip |
| org.apache.kafka:kafka-streams-test-utils | 直接依赖 | maven | |
| org.openjdk.jmh:jmh-core | 1.21 | 直接依赖 | maven |
| camelcase-keys | 4.2.0 | 间接依赖 | npm |
| com.squareup:javapoet | 1.9.0 | 直接依赖 | maven |
| org.apache.curator:curator-test | 5.2.0 | 直接依赖 | maven |
| io.netty:netty-transport-native-unix-common | 4.1.100.Final | 间接依赖 | maven |
| path-parse | 1.0.6 | 间接依赖 | npm |
| array-find-index | 1.0.2 | 间接依赖 | npm |
| @commitlint/parse | 8.1.0 | 间接依赖 | npm |
| rimraf | 2.6.3 | 间接依赖 | npm |
| com.fasterxml.jackson.core:jackson-core | 2.15.0 | 间接依赖 | maven |
| org.apache.kafka:connect-json | 直接依赖 | maven | |
| io.netty:netty-resolver-dns | 4.1.100.Final | 间接依赖 | maven |
| @types/node | 12.7.1 | 间接依赖 | npm |
| org.jline:jline | 3.13.1 | 直接依赖 | maven |
| @commitlint/ensure | 8.1.0 | 间接依赖 | npm |
| io.confluent.ksql:ksql-udf | 5.3.0-SNAPSHOT | 直接依赖 | maven |
| color-name | 1.1.3 | 间接依赖 | npm |
| validate-npm-package-license | 3.0.4 | 间接依赖 | npm |
| javax.inject:javax.inject | 1 | 直接依赖 | maven |
| util-deprecate | 1.0.2 | 间接依赖 | npm |
| which | 1.3.1 | 间接依赖 | npm |
| currently-unhandled | 0.4.1 | 间接依赖 | npm |
| io.vertx:vertx-codegen | 4.4.6 | 直接依赖 | maven |
| lodash._reinterpolate | 3.0.0 | 间接依赖 | npm |
| xtend | 4.0.2 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-testing-tool | 7.7.0-0 | 直接依赖 | maven |
| sprintf-js | 1.0.3 | 间接依赖 | npm |
| io.dropwizard.metrics:metrics-core | 3.2.5 | 间接依赖 | maven |
| safe-buffer | 5.1.2 | 间接依赖 | npm |
| shebang-command | 1.2.0 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-metastore | 7.7.0-0 | 直接依赖 | maven |
| run-node | 1.0.0 | 间接依赖 | npm |
| io.netty:netty-transport | 4.1.63.Final | 间接依赖 | maven |
| p-limit | 1.3.0 | 间接依赖 | npm |
| com.google.errorprone:error_prone_annotations | 2.2.0 | 直接依赖 | maven |
| path-is-absolute | 1.0.1 | 间接依赖 | npm |
| redent | 2.0.0 | 间接依赖 | npm |
| io.netty:netty-transport | 4.1.100.Final | 间接依赖 | maven |
| io.netty:netty-resolver | 4.1.100.Final | 间接依赖 | maven |
| io.vertx:vertx-uri-template | 4.4.6 | 间接依赖 | maven |
| mkdocs-macros-plugin | 0.6.3 | 间接依赖 | pip |
| compare-func | 1.3.2 | 间接依赖 | npm |
| caller-path | 2.0.0 | 直接依赖 | npm |
| io.confluent.ksql:ksqldb-version-metrics-client | 7.7.0-0 | 直接依赖 | maven |
| io.netty:netty-tcnative-boringssl-static | 2.0.61.Final | 直接依赖 | maven |
| jinja2 | 3.0.3 | 间接依赖 | pip |
| path-key | 2.0.1 | 间接依赖 | npm |
| io.vertx:vertx-dropwizard-metrics | 4.4.6 | 直接依赖 | maven |
| loud-rejection | 1.6.0 | 间接依赖 | npm |
| io.confluent.ksql:ksqldb-functional-tests | 7.7.0-0 | 直接依赖 | maven |
| trim-off-newlines | 1.0.1 | 间接依赖 | npm |
| meow | 5.0.0 | 间接依赖 | npm |